New Zealand’s top 200 companies and government departments are facing serious DMARC compliance issues, putting them at 36th spot worldwide.

In recent years, many major countries around the world have begun to recognize the importance of email security to prevent phishing attacks. In this climate of rapid change in cybersecurity practices, New Zealand has been lagging behind its peers in its levels of awareness and response to global security trends.

We conducted a study of 332 domains of organizations both in the public and private sectors. Among the domains we surveyed were:

  • Deloitte Top 200 List (2019)
  • New Zealand’s top energy companies
  • Top telecom companies
  • NZ registered banks
  • The New Zealand Government (excluding Crown entities).

By studying their public DNS records and gathering data on their SPF and DMARC statuses, we were able to gather data on how well-protected major New Zealand organizations are against spoofing. You can download our study to find out the details behind these numbers:

  • Only 37 domains, or 11%, had enforced DMARC at a level of quarantine or reject, which is required to stop domain spoofing.
  • Less than 30% of Government domains had implemented DMARC correctly at any level.
  • 14% of organizations observed had invalid SPF records and 4% had invalid DMARC records — many of them had errors in their records, and some even had multiple SPF and DMARC records for the same domain.

Our full study contains an in-depth exploration of the biggest hurdles New Zealand companies face in effectively implementing DMARC.

PowerDMARC, the Delaware-based email security provider, has joined hands with one of Australia’s premier information security companies. In a move that’s expected to bring awareness about email security into the mainstream, PowerDMARC’s partnership with CyberSecOn is projected to boost DMARC compliance rates in Australia and New Zealand.

“This is a huge opportunity,” said Faisal Al Farsi, Co-Founder of PowerDMARC, “not just for CyberSecOn and us, but for DMARC as a whole. We really want to see more and more companies take a stand against email phishing, and DMARC is how they can do it. CyberSecOn are as enthusiastic as we are about this, and we can’t wait to see what the future holds for us.”

CyberSecOn are headquartered in Melbourne, Australia, and have been providing security solutions to major names in both the enterprise and government sector. As active members of the Global Cyber Alliance, both companies have been pushing boundaries in the field of cybersecurity in their mutual mission to protect corporate and user data from being misused. This partnership is the latest in their endeavors to bridge the geographic gap so companies around the world can share and collaborate more freely.

“We’d like to think of this as a new page in the book of cybersecurity,” said Shankar Arjunan, Director of CyberSecOn. “This is a chance for us to write something we can all collectively be proud of. We’re incredibly excited to have them join us, and we hope this partnership is as effective for them as it is for us.”